Unable to login through GitHub Login
claudep opened this issue · comments
From time to time, my login session on code.djangoproject.com
expires, and normally clicking on GitHub Login is enough to login again. Today nothing happens when I click that link. Any known issue?
Same thing for me, wasn't able to login on either FF or Chrome.
Confirming the same problem here.
From the network console I can see:
- request to
https://code.djangoproject.com/github/login
- redirect to
https://github.com/login/oauth/authorize?response_type=code[...]
- redirect to
https://code.djangoproject.com/github/oauth?code=[...]
- that last one redirects back to the landing page proper, having done
set-cookie: trac_auth=[...secret value...]
, expiring on the 26th of Feb. - when the final page loads (
https://code.djangoproject.com/
) it includesset-cookie: trac_auth=[BLANK]; expires=Sat, 12 Feb 2022 16:35:24 GMT [...]
Notably the trac_auth
which is I assume the relevant cookie is empty, and the expiry date is a few hours ago (I'm GMT, it's 19:30, not 16:30 ...)
Seeing the same thing, that will be fun to fix I guess :)
Ok, I think I fixed it.
/cc @tobiasmcnulty & @MarkusH for the server migration. Now that Trac is behind fastly the IPs are Fastly IPs and we had check_auth_ip enabled in the configuration of trac. I have disabled this on the server for now so logins do work again. We should see which x-forwarded-for (etc) headers fastly can provide and reuse those.
Thanks for the reports + @apollo13 for the quick fix! As discussed on IRC I think we can leave the setting disabled (see: https://trac.edgewall.org/ticket/7664), but we will work to get the true client IP safely in a header where our apps can pick it up.
Thanks @apollo13, it works now.